Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fb/851d66-b956-4bce-8bd6-5451441ea633/1/R-NS83JVAUfgpxlSr-4UsEzpx2I.roa
File: R-NS83JVAUfgpxlSr-4UsEzpx2I.roa (raw, json)
Hash identifier: tYPZLu9oBjQ8lVkFL7PyqaxBMpinQ2mh3tF1NB9aiqA=
Subject key identifier: 47:E3:52:F3:72:55:01:47:E0:A7:19:52:AF:EE:14:B0:4C:E9:C7:62
Certificate issuer: /CN=940e2a716e5d89895dfea2ef2903081dede99c68
Certificate serial: 01856F799CF4360BE08C61245184A5C20A96
Authority key identifier: 94:0E:2A:71:6E:5D:89:89:5D:FE:A2:EF:29:03:08:1D:ED:E9:9C:68
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lA4qcW5diYld_qLvKQMIHe3pnGg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fb/851d66-b956-4bce-8bd6-5451441ea633/1/R-NS83JVAUfgpxlSr-4UsEzpx2I.roa
Signing time: Sun 01 Jan 2023 22:35:19 +0000
ROA not before: Sun 01 Jan 2023 22:35:19 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 31317
IP address blocks: 2001:678:970::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:79:9c:f4:36:0b:e0:8c:61:24:51:84:a5:c2:0a:96
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=940e2a716e5d89895dfea2ef2903081dede99c68
Validity
Not Before: Jan 1 22:35:19 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=47e352f372550147e0a71952afee14b04ce9c762
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:b1:d3:ba:d5:a1:e8:4f:19:8a:6d:b6:2e:19:
d0:44:16:89:57:91:fa:59:f9:05:6a:af:d6:71:4b:
cb:b2:16:0d:96:40:e1:49:6a:55:95:29:18:e1:4b:
80:9a:a0:4d:36:07:0a:82:c3:ba:98:a5:61:fb:e0:
86:3a:4d:21:58:74:35:be:7c:22:ee:4a:5f:1b:40:
81:93:6f:fc:0e:9b:38:c9:66:9d:80:a7:4b:58:b8:
4d:a7:1d:1a:9b:cd:5e:dd:92:77:89:d2:1e:c7:cb:
91:18:95:6b:e6:77:5e:c5:b2:f9:15:c0:9f:ae:76:
62:7a:a8:c5:5d:d5:ae:72:2f:1a:de:54:f1:2b:3c:
e4:03:45:1b:5c:e0:f3:d6:5a:82:37:88:2d:cf:ac:
cf:4b:8d:77:7f:3d:98:62:ce:d5:f8:13:0e:e8:f3:
0b:f5:91:60:ac:51:96:0a:e6:ce:d2:b7:db:8e:3a:
bf:27:77:1f:f6:71:1c:44:98:57:0b:96:2e:bf:ca:
85:67:aa:46:88:01:a9:d0:10:9e:e7:cc:95:ea:e0:
22:c6:e0:bf:dd:21:02:4f:bc:6b:43:25:48:69:59:
6e:86:4d:ef:13:cc:55:10:5a:eb:49:a6:ec:db:3d:
86:25:7d:2b:10:68:72:2f:8b:64:38:e1:0a:47:b2:
88:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
47:E3:52:F3:72:55:01:47:E0:A7:19:52:AF:EE:14:B0:4C:E9:C7:62
X509v3 Authority Key Identifier:
keyid:94:0E:2A:71:6E:5D:89:89:5D:FE:A2:EF:29:03:08:1D:ED:E9:9C:68
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lA4qcW5diYld_qLvKQMIHe3pnGg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fb/851d66-b956-4bce-8bd6-5451441ea633/1/R-NS83JVAUfgpxlSr-4UsEzpx2I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fb/851d66-b956-4bce-8bd6-5451441ea633/1/lA4qcW5diYld_qLvKQMIHe3pnGg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:678:970::/48
Signature Algorithm: sha256WithRSAEncryption
56:3e:a2:ee:59:21:60:04:9b:49:f2:f1:bf:7a:08:6d:c4:9f:
c6:b7:eb:59:c5:a4:dd:6d:76:d7:48:9a:10:2f:dc:e9:a2:26:
83:fe:fc:a1:2e:e0:63:51:ce:a8:e0:f4:43:bc:64:7c:df:aa:
1e:08:5f:ab:d2:6f:a8:ae:d9:da:36:22:7b:c4:08:d8:76:e1:
3e:ce:82:85:2f:03:46:1c:36:21:ad:a2:71:27:6f:02:3a:83:
f1:c1:a4:a1:c5:bb:ec:f0:ef:eb:09:9d:2b:75:51:64:0f:9c:
7f:d5:5b:c5:b5:ce:f6:36:be:95:34:5e:21:e8:ce:d0:03:7a:
5e:27:ff:54:0f:cf:5c:c3:53:32:06:18:f3:55:3d:d3:ad:1f:
9b:af:40:da:ea:d6:20:4c:63:22:09:c5:72:85:6b:29:72:16:
aa:10:e8:15:86:3c:e1:ab:e9:0e:e2:3a:61:a5:f7:44:24:6f:
37:49:74:bd:e6:45:d0:a4:68:1f:6c:c7:60:56:7b:52:96:ed:
4a:a9:e1:0f:b2:a1:8e:0d:07:56:ce:95:e4:2b:8a:8a:31:ed:
3f:ac:08:db:59:37:0c:ef:d2:01:26:fc:cd:2e:60:7e:fb:1a:
e0:20:1d:b8:d7:8f:fc:55:b4:b2:65:88:3e:e3:b3:ae:3d:db:
ec:0f:57:2f
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYVveZz0NgvgjGEkUYSlwgqWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk0MGUyYTcxNmU1ZDg5ODk1ZGZlYTJlZjI5MDMwODFkZWRl
OTljNjgwHhcNMjMwMTAxMjIzNTE5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0N2UzNTJmMzcyNTUwMTQ3ZTBhNzE5NTJhZmVlMTRiMDRjZTljNzYyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAibHTutWh6E8Zim22LhnQRBaJV5H6
WfkFaq/WcUvLshYNlkDhSWpVlSkY4UuAmqBNNgcKgsO6mKVh++CGOk0hWHQ1vnwi
7kpfG0CBk2/8Dps4yWadgKdLWLhNpx0am81e3ZJ3idIex8uRGJVr5ndexbL5FcCf
rnZieqjFXdWuci8a3lTxKzzkA0UbXODz1lqCN4gtz6zPS413fz2YYs7V+BMO6PML
9ZFgrFGWCubO0rfbjjq/J3cf9nEcRJhXC5Yuv8qFZ6pGiAGp0BCe58yV6uAixuC/
3SECT7xrQyVIaVluhk3vE8xVEFrrSabs2z2GJX0rEGhyL4tkOOEKR7KIDQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFEfjUvNyVQFH4KcZUq/uFLBM6cdiMB8GA1UdIwQY
MBaAFJQOKnFuXYmJXf6i7ykDCB3t6ZxoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbEE0cWNXNWRpWWxkX3FMdktRTUlIZTNwbkdnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mYi84NTFkNjYtYjk1Ni00YmNlLThiZDYt
NTQ1MTQ0MWVhNjMzLzEvUi1OUzgzSlZBVWZncHhsU3ItNFVzRXpweDJJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mYi84NTFkNjYtYjk1Ni00YmNlLThiZDYtNTQ1MTQ0MWVhNjMz
LzEvbEE0cWNXNWRpWWxkX3FMdktRTUlIZTNwbkdnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAIAEGeAlw
MA0GCSqGSIb3DQEBCwUAA4IBAQBWPqLuWSFgBJtJ8vG/eghtxJ/Gt+tZxaTdbXbX
SJoQL9zpoiaD/vyhLuBjUc6o4PRDvGR836oeCF+r0m+ortnaNiJ7xAjYduE+zoKF
LwNGHDYhraJxJ28COoPxwaShxbvs8O/rCZ0rdVFkD5x/1VvFtc72Nr6VNF4h6M7Q
A3peJ/9UD89cw1MyBhjzVT3TrR+br0Da6tYgTGMiCcVyhWspchaqEOgVhjzhq+kO
4jphpfdEJG83SXS95kXQpGgfbMdgVntSlu1KqeEPsqGODQdWzpXkK4qKMe0/rAjb
WTcM79IBJvzNLmB++xrgIB2414/8VbSyZYg+47OuPdvsD1cv
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:33:48 2025 by rpki-client